Havard.Eidnes@runit.sintef.no writes...
It would prevent simple spoofing, yes, but that would not
eliminate the Smurf attacks since to mount a Smurf attack you
need to use the victim's address as your source address, and that
one *is* typically "valid" according to the criteria you mention
above (?).
But the first router the spoofer hits would NOT likely point the spoofed
address back to the spoofer. At that router this would stop the spoof.
This is why the feature needs to be shipped on all routers and enabled
by default.